SSH or how to remotely control a UNIX system in a secure manner. The SSH keys is a secure method to interact with a UNIX system remotely. They are also used to transfer data between different systems. Using clever cryptography anyone can use them. As their name state it is a pair of keys, one […]
SSH keys
Web credentials stealing
The theft of credentials has been occurring since almost the beginning of time. But of course when the web ‘happened’ and specially when e-commerce exploded stealing passwords also went on the rise. Emptying bank accounts, ordering stuff on behalf (and expenses) of others, spying, even impersonation was and is achieved by stealing credentials. Luckily for […]
How to improve Apache HTTP performance on FreeBSD
There are some nice articles on the internet telling you how to improve your Apache HTTP server’s performance. I did my bit on FreeBSD land. While turning on a different MPM than the prefork default one increases Apache HTTP performance by a lot, it is not the only thing one may do. For example if […]
How to update FreeBSD using beadm
Beadm is a tool which provides a wonderful and distinctive functionality on Solaris, OpenIndiana and FreeBSD. It relies on the ZFS filesystem allowing to take a filesystem snapshot. That can be used to manage the so called boot environments which provide a great way to secure updates, even when everything goes down the tubes. Hence […]
How to enable log rotation on FreeBSD
This is a very short simple entry but it may help you. As many others you may be running a web server, or any other service that creates some logging information. Enable log rotation on FreeBSD will keep those log files in a manageable size (at least more readable) and they won’t grow and expand […]
How to setup MariaDB master-slave replication on FreeBSD
Having all the data in just one server is not the best idea. Especially when talking about a database server. Spreading information in several boxes is a good measure to prevent data loss but also for performance. A MySQL/MariaDB master-slave replication scheme is often used as a good solution for both, data redundancy and speed. […]
How to harden Apache HTTP
Disclaimer: This is a long article. I haven’t collected some nice configuration settings here for the sake of it. There are other hardening guides but some fall short on explaining the functionalities to be enabled or disabled. Every step is shortly, and hopefully clearly, explained so any reader can grasp the main idea of every […]
How to set the locale in FreeBSD
The locale is the character set that will be used. And it is very important to match the keyboard you are using. Mind this also matters if you are transferring data to other systems. Different standards as the ASCII, UTF’s and the ISO’s, to name a few, have been put in place through the years […]
How to test SSL/TLS configurations
If you are in charge of any site with SSL/TLS conenctions enabled you are always in the chase to get the best possible and most secure configuration. This isn’t always the case and the lack of time does take its toll on many administrators. Those individuals are always asked to do more with less and […]
WordPress administration over SSL
If you are a WordPress user or prettend to become one and you have some IT administration knowledge this guide is of your interest. Many hostings already provide easy point and click solutions to administer WordPress over SSL. However you may be self hosting WordPress or you’re just a curious person. What is TLS? TLS […]